Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/890e8f94-59ce-46fd-8868-0f944004ff36.roa
File:                     890e8f94-59ce-46fd-8868-0f944004ff36.roa (raw, json)
Hash identifier:          aShtQNnKRU4z4HyDXH3XCDIsMVFL9G0ECFYD1S8ahBE=
Subject key identifier:   E8:54:0A:CB:45:7E:EE:88:06:15:55:AD:B0:0D:F1:54:01:2E:6B:FE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73F4FC479F6096843809D66689DF8BAC8D58AFD5
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/890e8f94-59ce-46fd-8868-0f944004ff36.roa
Signing time:             Tue 25 Mar 2025 17:30:27 +0000
ROA not before:           Tue 25 Mar 2025 17:30:27 +0000
ROA not after:            Tue 29 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:8190::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:f4:fc:47:9f:60:96:84:38:09:d6:66:89:df:8b:ac:8d:58:af:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 25 17:30:27 2025 GMT
            Not After : Apr 29 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:49:5b:94:21:e2:83:bc:7e:a7:bb:c9:cc:d1:
                    a8:6d:38:7c:ad:3d:22:d8:86:9c:62:d8:c3:16:00:
                    89:bd:00:40:57:94:8f:c2:ab:6f:90:9d:76:d8:14:
                    cb:72:82:1d:d1:fd:49:dd:2c:2a:39:d6:af:9a:5f:
                    26:9c:10:99:7b:31:19:5a:da:89:44:e4:f2:55:85:
                    2c:fb:d8:f1:44:45:80:ce:77:6d:f6:33:f3:bd:8a:
                    e0:8e:8a:28:47:b0:5f:12:b0:bc:08:5d:c4:dd:26:
                    f8:08:f8:98:f5:df:a0:62:cf:67:08:71:91:1c:76:
                    4a:35:ed:40:5d:b9:a9:f2:0f:b8:68:3b:06:98:2e:
                    40:e4:c7:37:83:cd:81:c9:ff:b1:6f:dd:71:4a:df:
                    32:1c:c1:a1:33:ef:ef:30:a4:a3:fa:8e:09:01:29:
                    d0:58:d6:70:12:be:b3:d5:8b:42:9d:d8:fb:16:24:
                    54:9f:40:6f:5f:5b:66:aa:f5:a7:32:ea:31:97:ba:
                    58:2d:1c:92:b6:25:16:d3:24:93:8f:dc:69:13:dc:
                    e3:a5:c7:e4:d9:07:cd:68:9e:9c:22:09:2e:91:2a:
                    81:ce:a0:10:3d:c0:ca:a7:13:c7:63:41:79:69:bd:
                    25:36:e0:ba:19:2a:68:5a:f3:23:c7:70:c2:3c:68:
                    db:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:54:0A:CB:45:7E:EE:88:06:15:55:AD:B0:0D:F1:54:01:2E:6B:FE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/890e8f94-59ce-46fd-8868-0f944004ff36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8190::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:c1:47:e4:b7:cd:e6:f5:68:a8:fd:10:7d:43:e6:74:3e:f1:
         20:7d:97:38:1b:e8:17:d0:d7:a8:3e:1f:bc:66:fe:61:ae:f5:
         78:44:be:3d:13:53:9e:1c:04:b2:62:c1:d4:34:15:a7:79:f2:
         17:1e:47:54:a5:60:ff:fb:86:5b:25:d5:2b:2f:c0:37:86:96:
         a9:d5:24:51:e0:4c:de:80:db:42:dd:0a:45:20:df:28:f0:6a:
         7d:62:5c:32:ed:5b:5d:32:7b:5d:97:d6:eb:24:bd:14:72:dd:
         45:dd:5b:f6:f5:97:0d:cb:0e:ae:e3:7b:95:f4:f3:28:d0:34:
         51:23:34:4a:d1:bf:9f:8a:1f:92:49:cd:c4:d7:ab:c1:e5:b6:
         79:4e:53:ed:2d:e2:93:05:8b:db:0b:92:44:b5:8e:79:c3:69:
         4f:56:82:5f:ad:18:42:ad:a1:f3:a0:03:3f:07:08:07:00:05:
         cc:fd:35:05:2d:40:45:72:25:77:e4:31:7f:73:84:4c:44:3a:
         90:56:00:46:e0:f1:58:1e:6c:90:f2:9d:44:56:54:3b:ea:bb:
         18:07:73:de:4f:d5:96:2c:be:00:28:f3:81:b0:23:77:2c:cd:
         36:f5:eb:65:86:e8:1e:96:08:72:92:5e:6e:28:d5:c8:15:31:
         7b:f9:57:b1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUc/T8R59gloQ4CdZmid+LrI1Yr9UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI1MTczMDI3WhcNMjUwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYWUyZGM4YWZmNmRkNzlhOTI2MjhlYjRjM2NhYjUxNWE3
OThmYzBmYmQ2ODNlM2RlNGE0MWNhZTUwZGIxOTEwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQSVuUIeKDvH6nu8nM0ahtOHytPSLYhpxi2MMWAIm9AEBX
lI/Cq2+QnXbYFMtygh3R/UndLCo51q+aXyacEJl7MRla2olE5PJVhSz72PFERYDO
d232M/O9iuCOiihHsF8SsLwIXcTdJvgI+Jj136Biz2cIcZEcdko17UBduanyD7ho
OwaYLkDkxzeDzYHJ/7Fv3XFK3zIcwaEz7+8wpKP6jgkBKdBY1nASvrPVi0Kd2PsW
JFSfQG9fW2aq9acy6jGXulgtHJK2JRbTJJOP3GkT3OOlx+TZB81onpwiCS6RKoHO
oBA9wMqnE8djQXlpvSU24LoZKmha8yPHcMI8aNv3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6FQKy0V+7ogGFVWtsA3xVAEua/4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg5MGU4Zjk0LTU5Y2UtNDZmZC04ODY4LTBmOTQ0MDA0ZmYzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgZAwDQYJKoZIhvcNAQELBQADggEBABHBR+S3zeb1aKj9EH1D5nQ+
8SB9lzgb6BfQ16g+H7xm/mGu9XhEvj0TU54cBLJiwdQ0Fad58hceR1SlYP/7hlsl
1SsvwDeGlqnVJFHgTN6A20LdCkUg3yjwan1iXDLtW10ye12X1uskvRRy3UXdW/b1
lw3LDq7je5X08yjQNFEjNErRv5+KH5JJzcTXq8HltnlOU+0t4pMFi9sLkkS1jnnD
aU9Wgl+tGEKtofOgAz8HCAcABcz9NQUtQEVyJXfkMX9zhExEOpBWAEbg8VgebJDy
nURWVDvquxgHc95P1ZYsvgAo84GwI3cszTb162WG6B6WCHKSXm4o1cgVMXv5V7E=
-----END CERTIFICATE-----